Stolen NSA Hacking Tools For Sale In Bizarre Auction

The hackers who are auctioning off Cyber-weapons allegedly stolen from the National Security Agency are growing annoyed and want cash.

In what Edward Snowden deems “not unprecedented,” hackers calling themselves the Shadow Brokers have collected NSA-created malware from a staging server run by the Equation Group, an internal hacking team. The Shadow Brokers have now published two chunks of data, one “open” chunk and another encrypted file containing the “best files” that they will sell for at least $1 million. Wikileaks has said they already own the “auction” files and will publish them in “due course.”

The ShadowBrokers' sale of the stolen tools has so far generated little interest, the hackers complained in a message posted online, using broken English.

"TheShadowBrokers is not being interested in fame. TheShadowBrokers is selling to be making money," the hackers said. At the outset, their auction only had one substantial bid at 1.5 bitcoins, or $918. Many of the other bids were valued at less than $1. 

The hackers originally dumped a sample of the stolen hacking tools back in mid-August, and independent security experts later found the tools to actually work. The tools include exploits designed to compromise firewall and router products from Cisco, Juniper Networks and Fortinet, and are probably worth a fortune.

The hackers claim they have more Cyber-weapons to sell. However, they've taken the unusual step of offering them up through an open online auction relying on bitcoin.

Although anyone can participate, the hackers haven't said when they'll accept the final bid. The hackers also hoped to receive 1 million bitcoins, or $611 million, in exchange for leaking all they stole for free to the public. The unusual conditions have led some security researchers to suspect the auction is a publicity stunt. But the ShadowBrokers claim in their latest posting that the auction is real, despite "sounding crazy."

"Expert peoples is saying Equation Group Firewall Tool Kit worth $1 million," the group said. "TheShadowBrokers is wanting that $1 million."

They made the auction public to draw in the most bidders and never expected a bid of 1 million bitcoins, they added.  "Anticipate end (to the auction) when reasonable sum raised and bidding stops," the hackers added.

Although the ShadowBrokers are offering no guarantees, they did claim they have many more hacking tools that can target other platforms such as Windows, Linux and mobile devices. The tools up for auction will target one of these platforms and include ways to hack a system remotely and remain a persistent threat, they said. "Value estimated in millions of euros/dollars," the group added. 

It's unclear if the tools are really from the NSA. But the hackers claim to have stolen them from the Equation Group, an elite Cyber-espionage team suspected to work for the US government.

The hackers are hoping that victims and adversaries of the Equation Group will eventually bid on the auction. But the ShadowBrokers appear to be growing impatient. Their posting was also riddled with expletives.  

"TheShadowBrokers is wanting quick end too so be making [expletive] bids," the hackers said. 


TechCrunch:     Computerworld


 

« Overwhelming Cyber Attacks On Healthcare
Dealing With Insider Data Theft »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

LogicManager

LogicManager

LogicManager offer a complete set of IT governance, risk and compliance software solutions and advisory services.

NetMotion Software

NetMotion Software

NetMotion Software specializes in mobile performance management solutions to manage, secure and support the mobile enterprise.

aeCERT

aeCERT

aeCERT is the national Computer Emergency Response Team for the United Arab Emirates.

NextVision

NextVision

NextVision is a Cybersecurity and Technology company offering a range of solutions and services for Security, Compliance and IT Infrastructure Management.

Charterhouse Müller UK

Charterhouse Müller UK

Charterhouse Müller UK are a leading service provider for end of life IT services including data erasure and secure IT asset disposal.

Cyber Wales

Cyber Wales

Cyber Wales provides a focus and forum for everyone in the industry, helping businesses come together and collaborate both within Wales and internationally.

Beyond Identity

Beyond Identity

Beyond Identity employs an elegantly simple concept, the personal certificate authority and self signed certificates, to replace passwords.

Symmetry Systems

Symmetry Systems

Symmetry Systems is a provider of data store and object-level security (DSOS) solutions that give organizations visibility into, and unified access control of, their most valuable data assets.

Dutch Institute for Vulnerability Disclosure (DIVD)

Dutch Institute for Vulnerability Disclosure (DIVD)

DIVD's aim is to make the digital world safer by reporting vulnerabilities we find in digital systems to the people who can fix them.

Senteon

Senteon

Senteon is a turnkey cybersecurity platform designed to make securing confidential data affordable, understandable, and streamlined for small-to-mid sized businesses and MSPs.

CampusGuard

CampusGuard

CampusGuard focuses on the cybersecurity and compliance needs of campus-based organizations including higher education, healthcare, and state and local government.

Global Resilience Federation (GRF)

Global Resilience Federation (GRF)

GRF builds, develops and connects security information sharing communities for mutual defense.

Cambridge International Systems

Cambridge International Systems

For more than 25 years, Cambridge has been fighting bad actors in both the cyber and physical worlds.

Cybecs Security Solutions

Cybecs Security Solutions

Cybecs was founded to address rapid technological advancement, changing business models, global privacy regulations, and increasing cyber threats for global organizations.

CipherStash

CipherStash

CipherStash is a complete data governance and breach prevention platform.

Hunt & Hackett

Hunt & Hackett

Hunt & Hackett helps European companies prevent, detect and respond to today’s most advanced adversaries, safeguarding them against cyberthreats and espionage.